Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-05 16:18:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

KRB: do not set keytab by default.

Browse source 
Only enable decryption if a user purposefully sets a keytab.
This commit is contained in:
Johanna Amann 2018-06-01 12:46:26 -07:00
parent 8bb76cd3c1
commit 327acf6555
5 changed files with 26 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

20
testing/btest/scripts/base/protocols/krb/smb2_krb_nokeytab.test Normal file
View file

@ -0,0 +1,20 @@
# This test verifies that without a keytab file no entries are
# created and no errors happen.
#
# @TEST-REQUIRES: grep -q "#define USE_KRB5" $BUILD/bro-config.h
#
# @TEST-COPY-FILE: ${TRACES}/krb/smb2_krb.keytab
# @TEST-EXEC: bro -C -r $TRACES/krb/smb2_krb.pcap %INPUT
# @TEST-EXEC: btest-diff .stdout
# @TEST-EXEC: btest-diff .stderr
global monitor_ports: set[port] = { 445/tcp, 139/tcp } &redef;
event bro_init() &priority=5{
Analyzer::register_for_ports(Analyzer::ANALYZER_SMB, monitor_ports);
}
event krb_ap_request(c: connection, ticket: KRB::Ticket, opts: KRB::AP_Options){
print ticket?$authenticationinfo;
}